← back
CVE-2024-50944

CVE-2024-50944

CVSS 9.8 CRITICALEPSS 1.0%CWE-190
Vexday Risk Score
28Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 9.8EPSS 1.0%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
27 Dec 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Integer overflow vulnerability exists in SimplCommerce at commit 230310c8d7a0408569b292c5a805c459d47a1d8f in the shopping cart functionality. The issue lies in the quantity parameter in the CartController's AddToCart method.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/AbdullahAlmutawa/CVE-2024-50944https://github.com/simplcommerce/SimplCommercehttps://github.com/simplcommerce/SimplCommerce/issues/1110https://www.simplcommerce.com/